Permalink
Browse files

feature(annotations): Adds a more granular permission hook for canAnn…

…otate

ElggEntity::canAnnotate now first triggers the hook “permissions_check:annotate:<name>”
before the generic “permissions_check:annotate” hook.
  • Loading branch information...
mrclay committed Jul 2, 2015
1 parent d913ccd commit 83da5f1896730045fbf9de313669f8c604c44c8a
Showing with 94 additions and 8 deletions.
  1. +10 −4 docs/guides/hooks-list.rst
  2. +10 −3 engine/classes/ElggEntity.php
  3. +74 −1 engine/tests/ElggEntityTest.php
View
@@ -193,7 +193,7 @@ Permission hooks
**container_permissions_check, <entity_type>**
Return boolean for if the user ``$params['user']`` can use the entity ``$params['container']``
as a container for an entity of <entity_type> and subtype ``$params['subtype']``.
as a container for an entity of ``<entity_type>`` and subtype ``$params['subtype']``.
**permissions_check, <entity_type>**
Return boolean for if the user ``$params['user']`` can edit the entity ``$params['entity']``.
@@ -212,9 +212,15 @@ Permission hooks
**permissions_check:comment, <entity_type>**
Return boolean for if the user ``$params['user']`` can comment on the entity ``$params['entity']``.
**permissions_check:annotate**
Return boolean for if the user ``$params['user']`` can create an annotation with the name
``$params['annotation_name']`` on the entity ``$params['entity']``.
**permissions_check:annotate:<annotation_name>, <entity_type>**
Return boolean for if the user ``$params['user']`` can create an annotation ``<annotation_name>`` on the
entity ``$params['entity']``. If logged in, the default is true.
.. note:: This is called before the more general ``permissions_check:annotate`` hook, and its return value is that hook's initial value.
**permissions_check:annotate, <entity_type>**
Return boolean for if the user ``$params['user']`` can create an annotation ``$params['annotation_name']``
on the entity ``$params['entity']``. if logged in, the default is true.
.. warning:: This is functions differently than the ``permissions_check:metadata`` hook by passing the annotation name instead of the metadata object.
@@ -1198,8 +1198,8 @@ public function canComment($user_guid = 0) {
/**
* Can a user annotate an entity?
*
* @tip Can be overridden by registering for the permissions_check:annotate,
* <entity type> plugin hook.
* @tip Can be overridden by registering for the plugin hook [permissions_check:annotate:<name>,
* <entity type>] or [permissions_check:annotate, <entity type>]. The hooks are called in that order.
*
* @tip If you want logged out users to annotate an object, do not call
* canAnnotate(). It's easier than using the plugin hook.
@@ -1220,12 +1220,19 @@ public function canAnnotate($user_guid = 0, $annotation_name = '') {
$return = false;
}
$hooks = _elgg_services()->hooks;
$params = array(
'entity' => $this,
'user' => $user,
'annotation_name' => $annotation_name,
);
return _elgg_services()->hooks->trigger('permissions_check:annotate', $this->type, $params, $return);
if ($annotation_name !== '') {
$return = $hooks->trigger("permissions_check:annotate:$annotation_name", $this->type, $params, $return);
}
$return = $hooks->trigger('permissions_check:annotate', $this->type, $params, $return);
return $return;
}
/**
@@ -77,7 +77,7 @@ public function testSubtypeAddRemove() {
$this->assertFalse(get_subtype_id('object', $test_subtype));
}
public function testElggEnityGetAndSetAnnotations() {
public function testElggEntityGetAndSetAnnotations() {
$this->assertIdentical($this->entity->getAnnotations(array('annotation_name' => 'non_existent')), array());
// save entity and check for annotation
@@ -282,4 +282,77 @@ public function testElggEntityGetIconURL() {
// Test bad param
$this->assertEqual($obj->getIconURL(new \stdClass), elgg_normalize_url('medium.jpg'));
}
public function testCanAnnotateDefault() {
$object = new \ElggObject();
$object->subtype = 'test_1389988642';
$object->save();
$this->assertTrue($object->canAnnotate());
$user = elgg_get_logged_in_user_entity();
elgg_get_session()->removeLoggedInUser();
$this->assertFalse($object->canAnnotate());
elgg_get_session()->setLoggedInUser($user);
$object->delete();
}
public function testCanAnnotateCallsSpecificThenGenericHook() {
$object = new \ElggObject();
$object->subtype = 'test_1389988642';
$object->save();
elgg_register_plugin_hook_handler('permissions_check:annotate:foo', 'object', 'Elgg\Values::getFalse');
$this->assertFalse($object->canAnnotate(0, 'foo'));
// overrides
elgg_register_plugin_hook_handler('permissions_check:annotate', 'object', 'Elgg\Values::getTrue');
$this->assertTrue($object->canAnnotate());
elgg_unregister_plugin_hook_handler('permissions_check:annotate:foo', 'object', 'Elgg\Values::getFalse');
elgg_unregister_plugin_hook_handler('permissions_check:annotate', 'object', 'Elgg\Values::getTrue');
$object->delete();
}
public function testCanAnnotateHookParams() {
$object = new \ElggObject();
$object->subtype = 'test_1389988642';
$object->save();
$call_params = [];
$handler = function ($h, $t, $v, $p) use (&$call_params) {
$call_params[] = $p;
};
elgg_register_plugin_hook_handler('permissions_check:annotate:foo', 'object', $handler);
elgg_register_plugin_hook_handler('permissions_check:annotate', 'object', $handler);
$object->canAnnotate(0, 'foo');
$this->assertSame($call_params[0]['user']->guid, elgg_get_logged_in_user_guid());
$this->assertSame($call_params[1]['user']->guid, elgg_get_logged_in_user_guid());
$this->assertSame($call_params[0]['entity'], $object);
$this->assertSame($call_params[1]['entity'], $object);
$this->assertEqual($call_params[0]['annotation_name'], 'foo');
$this->assertEqual($call_params[1]['annotation_name'], 'foo');
elgg_unregister_plugin_hook_handler('permissions_check:annotate:foo', 'object', $handler);
elgg_unregister_plugin_hook_handler('permissions_check:annotate', 'object', $handler);
$object->delete();
}
public function testCanAnnotateDoesntCallSpecificThenGenericHookForEmptyString() {
$object = new \ElggObject();
$object->subtype = 'test_1389988642';
$object->save();
elgg_register_plugin_hook_handler('permissions_check:annotate:', 'object', 'Elgg\Values::getFalse');
$this->assertTrue($object->canAnnotate());
elgg_unregister_plugin_hook_handler('permissions_check:annotate:', 'object', 'Elgg\Values::getFalse');
$object->delete();
}
}

0 comments on commit 83da5f1

Please sign in to comment.